From: Odhiambo Washington <wash@wananchi.com>
To: freebsd-questions@freebsd.org
Date: Tue, 16 Nov 2004 18:49:47 +0300
Subject: IPF+IPNAT and port redirection
Message-ID: <20041116154947.GN68837@ns2.wananchi.com>

I have a FreeBSD router box running IPF/IPNAT. With the advent of viruses that have their own SMTP engines, I would like to capture any traffic going out from the internal LAN to port 25 and redirect it to port 25 of my router. I believe this is the equivalent of "reverse port mapping", if I can call it that.

How do I redirect this using ipnat? Right now I have the following in my /etc/ipnat.rules:

    map rl0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
    map rl0 10.0.0.0/24 -> 0.0.0.0/32
    ....
rl0 being my oif, and xl0 being my iif. Given that my iip is 10.0.0.2, I would like to do this:

    rdr xl0 0.0.0.0/24 port 25 -> 10.0.0.2 port 25

The problem is that 10.0.0.2 is a subset of 0.0.0.0/24. Shall I then redirect to the external IP instead? I am damn confused with this IPNAT stuff ;)

-Wash

http://www.netmeister.org/news/learn2quote.html

--
Odhiambo Washington
Wananchi Online Ltd. www.wananchi.com
Tel: +254 20 313985-9 +254 20 313922
GSM: +254 722 743223 +254 733 744121

The fact that it works is immaterial. -- L. Ogborn
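The transparent SMTP redirect the message asks about, as an added example that is not part of Wash's post or of any reply in the archive. The interface names (rl0 external, xl0 internal), the LAN 10.0.0.0/24 and the router's internal address 10.0.0.2 are taken from the message; everything else here is an assumption for illustration. The one-line fix the post is circling is the destination mask: an rdr rule wants 0.0.0.0/0 ("any destination"), and it must sit on the interface where the LAN packets arrive (xl0), because rdr is applied to packets coming in on the named interface.

```conf
# /etc/ipnat.rules -- added example, not the original poster's file.
# rl0 = external interface, xl0 = internal interface (as in the post);
# 10.0.0.2 = the router's internal address, where the local MTA listens on :25.

# rdr is matched against packets ARRIVING on the named interface, so traffic
# leaving the LAN is caught on xl0, not on rl0.  The destination is written
# 0.0.0.0/0 (any address); 0.0.0.0/24 would only ever match 0.0.0.x.
# Only TCP is redirected; the router's own MTA is the new destination.
rdr xl0 0.0.0.0/0 port 25 -> 10.0.0.2 port 25 tcp

# Unchanged from the post: source NAT for everything else leaving on rl0.
map rl0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map rl0 10.0.0.0/24 -> 0.0.0.0/32
```

Two checks before relying on it. First, IPFilter translates inbound packets before it filters them, so the ipf rule set must pass the traffic with its translated destination, e.g. `pass in quick on xl0 proto tcp from 10.0.0.0/24 to 10.0.0.2 port = 25 flags S keep state` (an assumed line for your /etc/ipf.rules, adapt to your policy). Second, the MTA on 10.0.0.2 must be willing to relay for 10.0.0.0/24, or the rule turns every LAN mail client into a relay-denied error instead of a delivery; clients that legitimately authenticate to an outside mail server should be moved to the submission port (587), which this rule does not touch. Load with `ipnat -CF -f /etc/ipnat.rules` and confirm the rule with `ipnat -l`; a test `telnet <any external address> 25` from a LAN host should now be answered by the router's own MTA banner.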